Ulf Härnhammar discovered a buffer overflow vulnerability in www-sql,
a CGI program which enables the creation of dynamic web pages by
embedding SQL statements in HTML. By exploiting this
vulnerability, a local user could cause the execution of arbitrary
code by creating a web page and processing it with www-sql.

For the current stable distribution (woody), this problem has been
fixed in version 0.5.7-17woody1.